Sneaky Tactics for Bloatware

Clicking the X actually opted you in! As Lenovo resolves the Superfish bloatware scandal from 2015, a surprising detail has emerged from the fine print of the settlement. Consumers who bought Lenovo laptops with “man-in-the-middle” Superfish adware (by a company called VisualDiscovery) likely fell for a trick later made infamous by Microsoft: clicking the “X” to dismiss the program actually opted them into it.

Lenovo settled with the Federal Trade Commission on Tuesday, paying a reported $3.5 million in fines and agreeing to other security concessions to prevent a repeat of the Superfish debacle. According to the FTC, the software allowed VisualDiscovery to see all of a consumer’s sensitive personal information transmitted over the Internet, including log-in information, Social Security numbers, and more. In 2015, Lenovo CTO Peter Hortensius called the decision to use Superfish a “significant mistake.”